ELK搭建过程中遇到的问题
ElasticSearch+kibana+logstash监控和分析系统
我是用的版本组合(注意版本之间的组合):
kibana-6.0.1-linux-x86_64.tar.gz
elasticsearch-6.0.1.tar.gz
logstash-6.0.1.tar.gz
使用logstash遇到的问题:
(其实目前遇到的问题在晚上有比较详细的解决方案。这里只是作为记录和备注)
问题1 Failed to execute action {:action=>LogStash::PipelineAction::Create/pipeline_id:main, :exception=>“LogStash::ConfigurationError”, :message=>"Expected one of #, input, filter, output at line 3, column 1 (byte 76) after
我的主要是使用的logstash启动的时候,配置文件都写错了,其次是我的主要修改的logstash的2个配置文件中有改错的地方;最后使用./bin/logstash -f ./myconf/local2es.conf -t检查配置文件格式是否正确!
关于logstash的安装与测试,可以使用这个连接的案例: http://www.linuxe.cn/post-309.html
问题2:Logstash throws unexpected error: <ArgumentError: Setting “” hasn’t been registered>
这个完全是配置文件中出现非法的字符,或者编码方式不正确。可以根据错误提示手动写入相关的配置项;
比如:我的配置文件中删除相应的非法的空格就可以了。
使用ES中注意事项
不能使用root用户来直接启动elasticsearch,需要创建相应的es的用户组,例如
groupadd elsearch #创建es用户组
useradd elsearch -g elsearch #创建es的用户
sudo chown -R elsearch /hadoop/elasticsearch-6.0.1 #给整个elasticsearch-6.0.1文件目录赋予用户组和属主权限
# sudo chgrp -R elsearch /hadoop/elasticsearch-6.0.1 # 只是更改文件的属组权限,不该用户属主1权限
#chmod是更改文件的权限 chown是改改文件的属主与属组 chgrp只是更改文件的属组。es的其他错误,直接在网上搜一下就可以解决了,此处不再赘述!
插件ElasticSearch-head安装问题
head是一个es的插件,可以链接远程的es,可以把它看做es的客户源。也可以观察es1的集群、分片情况以及将框情况。在head插件上,我们可以很方便访问es,以及查看es的集群状况。
git clone https://github.com/mobz/elasticsearch-head.git # 安装过程需要连接互联网
cd elasticsearch-head # git clone后会自动生成的一个目录
#需要先安装node.js
npm install
npm run start正常启动以后可以通过使用浏览器打开http://192.168.11.100:9100。如果能正常打开说明head插件安装正确。
如果集群中安装失败,提示错误错误时候要安装npm命令,这是一个前段的js插件命令,我命可以直接下载相应的node.js安装,之后仍然报如下错误:(其中tar (child): bzip2: Cannot exec: No such file or directory)。
[root@host1 elasticsearch-head]# npm install
> phantomjs-prebuilt@2.1.16 install /hadoop/elk/elasticsearch-head/node_modules/phantomjs-prebuilt
> node install.js
PhantomJS not found on PATH
Download already available at /tmp/phantomjs/phantomjs-2.1.1-linux-x86_64.tar.bz2
Verified checksum of previously downloaded file
Extracting tar contents (via spawned process)
Error extracting archive
Phantom installation failed { Error: Command failed: tar jxf /tmp/phantomjs/phantomjs-2.1.1-linux-x86_64.tar.bz2
tar (child): bzip2: Cannot exec: No such file or directory
tar (child): Error is not recoverable: exiting now
tar: Child returned status 2
tar: Error is not recoverable: exiting now
at ChildProcess.exithandler (child_process.js:273:12)
at ChildProcess.emit (events.js:180:13)
at maybeClose (internal/child_process.js:936:16)
at Socket.stream.socket.on (internal/child_process.js:353:11)
at Socket.emit (events.js:180:13)
at Pipe._handle.close [as _onclose] (net.js:541:12)
killed: false,
code: 2,
signal: null,
cmd: 'tar jxf /tmp/phantomjs/phantomjs-2.1.1-linux-x86_64.tar.bz2' } Error: Command failed: tar jxf /tmp/phantomjs/phantomjs-2.1.1-linux-x86_64.tar.bz2
tar (child): bzip2: Cannot exec: No such file or directory
tar (child): Error is not recoverable: exiting now
tar: Child returned status 2
tar: Error is not recoverable: exiting now
at ChildProcess.exithandler (child_process.js:273:12)
at ChildProcess.emit (events.js:180:13)
at maybeClose (internal/child_process.js:936:16)
at Socket.stream.socket.on (internal/child_process.js:353:11)
at Socket.emit (events.js:180:13)
at Pipe._handle.close [as _onclose] (net.js:541:12)
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@1.2.9 (node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@1.2.9: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})
npm ERR! code ELIFECYCLE
npm ERR! errno 1
npm ERR! phantomjs-prebuilt@2.1.16 install: `node install.js`
npm ERR! Exit status 1
npm ERR!
npm ERR! Failed at the phantomjs-prebuilt@2.1.16 install script.
npm ERR! This is probably not a problem with npm. There is likely additional logging output above.
npm ERR! A complete log of this run can be found in:
npm ERR! /root/.npm/_logs/2019-07-03T09_00_45_553Z-debug.log提示确实bzip,我么直接下载安装bzip,命令:yum install bzip2
然后再次执行
npm install
npm run start再次打开相应的该插件的web ui :http://192.168.xxx.xxx:9100/
(刚刚开始接触,欢迎交流!!)
